iPhone How To: Specifying the Authentication for an IPSec VPN

For IPSec VPN, you can choose between using a certificate to authenticate the iPad or iPhone and using a group identifier or shared secret. The options available to you depend on which of these two types of authentication you use.

After choosing the basic stteings for the VPN, open the Machine Authentication drop-down list or pop-up menu in the VPN pane and choose Shared Secret/Group Name or Certificate, as appropriate.

If you choose Shared Secret/Group Name in the Machine Authentication drop-down list or pup-up menu, the VPN pane in the iPHone Configuration Utility displays the controls. To set up the authentication, follow these steps:

1. Type the connections group name in the Group Name text box.

2. Type the shared secret in the Shared Secret text box.

3. Select the Use Hybrid Authentication check box if you want to make the connection more secure by using a server-side certificate for authentication as well.

4. Select the Prompt For Password check box if you want the iPad or iPhone to prompt the user for a password.

If you choose Certificate in the Machine Authentication drop-down list or pop-up menu, the VPN pane displays the controls. To set up the authentication, follow these steps:

1. Open the identity Certificate drop-down list or pup-up menu (on the Mac, this pop-up menu is identified only as Credential For Authenticating The Connection) and choose the certificate to use.

2. Select the Include User PIN check box if you want the VPN to request the user’s personal identification number (PIN) during the connection and send it along with the authenticating data.